Bug 123871

Summary:

Fix out-of-date offset in selection range code in range.surroundContents

Product:

WebKit

Reporter:

Ryosuke Niwa <rniwa>

Component:

DOM

Assignee:

Ryosuke Niwa <rniwa>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

ap, commit-queue, darin, esprehn+autocc, kangil.han, kling, webkit-bug-importer

Priority:

Keywords:

BlinkMergeCandidate, InRadar

Version:

528+ (Nightly build)

Hardware:

Unspecified

OS:

Unspecified

Attachments:

Description	Flags
Merges the fix	none

Description Ryosuke Niwa 2013-11-05 22:19:18 PST

Merge https://chromium.googlesource.com/chromium/blink/+/c89b413ff0fc4aafa0c71d180b0b1e131bb37707

Code in Range::insertNode assumes that the start offset of the selection
range within its container does not change across a call to insertBefore
on the container, which is not true. This patch recomputes the start
offset when it is used after the insertBefore call.

Comment 1 Radar WebKit Bug Importer 2013-11-05 22:19:36 PST

<rdar://problem/15401410>

Comment 2 Ryosuke Niwa 2013-11-05 22:25:50 PST

Created attachment 216135 [details]
Merges the fix

Comment 3 WebKit Commit Bot 2013-11-06 02:53:14 PST

Comment on attachment 216135 [details]
Merges the fix

Clearing flags on attachment: 216135

Committed r158738: <http://trac.webkit.org/changeset/158738>

Comment 4 WebKit Commit Bot 2013-11-06 02:53:16 PST

All reviewed patches have been landed.  Closing bug.